<?php
/* ----------------------------------------------------------
--               JacoCMS by Jaco Ruit                      --
-------------------------------------------------------------
--     JacoCMS is Open Source and is lincenced under       --
--             GNU General Public Licence v3               --
--          http://www.gnu.org/copyleft/gpl.html           --
-------------------------------------------------------------
--       Please don't remove any text from the footers.    --
-------------------------------------------------------------
-- Credits:   * Jaco Ruit          ~     Scripts,MySQL     --     
-----------------------------------------------------------*/

#important includes
include 'includes/config.php';
include 'includes/database.class.php'; 

#create database connection
$database = new Database();
$database->connect();

#finish includes
include 'includes/core.class.php';
include 'includes/analytics.class.php';
include 'includes/settings.class.php';
include 'includes/page.class.php';
include 'includes/video.class.php';
include 'includes/article.class.php';
include 'includes/comment.class.php';

#vars, classes
$page = new Page();
$article = new Article();
$video = new Video();
$analytics = new Analytics();
$settings = new Settings();
$comment = new Comment();
$core = new Core();
$searchid = null;
$commenttext = null;
$name = null;
$email = null;

#load style
$stylepath = $settings->loadStyle();
include ("style/" . $stylepath . "/styleinfo.php");

#analytics
$analytics->logVisitor();

#settings
if ($settings->videoGalleryEnabled())
{
	$custom = $page->getMenuCode();
	$custom .= '<li><a href="videogallery">Video Gallery</a></li>';
}
else
{
	$custom = $page->getMenuCode();
}

#get and filter extern vars 
if (isset($_GET['pid']))
{
	$postpid = $core->filter($_GET['pid']);
}
else
{
	header ("Location: Invalid Varserror");
}
if (isset($_GET['type']))
{
	$posttype = $core->filter($_GET['type']);
}
else
{
	header ("Location: Invalid Varserror");
}

if (isset($_POST['commenttext']))
{
	$commenttext = $core->filter(strip_tags($_POST['commenttext']));
}
else
{
	header ("Location: Invalid Varserror");
}

if (isset($_POST['email']))
{
	$email = $core->filter(strip_tags($_POST['email']));
}
else
{
	header ("Location: Invalid Varserror");
}

if (isset($_POST['poster']))
{
	$name = $core->filter(strip_tags($_POST['poster']));
}
else
{
	header ("Location: Invalid Varserror");
}

if($commenttext == null)
{
	header ("Location: Invalid Varserror");
}


#check if they are valid
if ($posttype == 'v')
{
	if($video->checkIfExists($postpid) == false)
	{
		header ("Location: Invalid Varserror");
	}
	else if ($video->checkIfExists($postpid) == true)
	{
		$link = "video-" . $postpid;
	}
	else
	{
		header ("Location: Invalid Varserror");
	}
}
else if ($posttype == 'a')
{
	if($article->checkIfExists($postpid) == false)
	{
		header ("Location: Invalid Varserror");
	}
	else if ($article->checkIfExists($postpid) == true)
	{	
		$link = "article-" . $postpid;
	}
	else
	{
		header ("Location: Invalid Varserror");
	}
}
else
{
	header ("Location: Invalid Varserror");
}

if($commenttext == null)
{
header ("Location: Invalid Varserror");
}
if ($name == null)
{
header ("Location: Invalid Varserror");
}
if ($email == null)
{
header ("Location: Invalid Varserror");
}


#yay, they're valid. insert it
if ($commenttext != null)
{
$comment->post($commenttext, $name, $email, $postpid, $posttype);
#succes, change header and redirect to article/video path
header ("Location: " . $link);
}
else
{
header ("Location: Invalid Varserror");
}



#no template
?>